Privacy Issues with The Internet’s Most Popular Websites

Many of the websites that millions of people visit every day collect data about their visitors. This puts both the websites and the users at risk of losing their data to some unwanted third party. Beyond a hack or data breach, how these websites use people’s data is a big concern. As we’ve seen in the news recently with Facebook, websites don’t always make it clear what they do with user data.

People “don’t want companies like Google to have control over their data, but they’ve come to believe they don’t have a choice,” said Joseph Turow on

Major internet platforms have such massive shares of their markets that their competitors are much smaller, often less “convenient” options. The social aspects of many of these websites make it difficult to switch. For example, people are likely to keep using Facebook until their friends also switch to an alternative.



Google is arguably the best companies in the world at collecting user data. Its Analytics tracking code is used on 75% of the world’s top websites. This means the company can collect data about you even if you don’t use its search engine or visit any of its websites. Because Google offers so many products and services, it has many angles to gather your information. Choosing another search engine isn’t hard, but finding an alternative for other Google services may take a little more searching.

Google’s Privacy Policy

Google has assembled a visual and interactive version of its privacy policy. While Google is open about which data it collects, it’s privacy website doesn’t entirely explain the actual methods behind its data collection. Similar to how Facebook may have received consent for gathering data, it still makes people uncomfortable when they find out how the service actually works.


The Guardian reported that YouTube illegally collects data on children, according to 23 child advocacy, consumer and privacy groups. Because there is so much content directed towards children on the platform, advocacy groups think YouTube should do more to protect its young users.

The Children’s Online Privacy Protection Act passed in 1998 as a way of preventing websites directed towards children from collecting their personal information. The act is intended to protect children’s privacy and safety on the internet.

“For years, Google has abdicated its responsibility to kids and families by disingenuously claiming YouTube — a site rife with popular cartoons, nursery rhymes, and toy ads — is not for children under 13,” said Josh Golin, executive director of the Campaign for a Commercial-Free Childhood (CCFC). “Google profits immensely by delivering ads to kids and must comply with COPPA. It’s time for the FTC to hold Google accountable for its illegal data collection and advertising practices.”


The issue with using Gmail, or any email provider linked to a search engine, is that when the search engine can then link your search data to your email data. This data together allows a more complete data profile than your search data or email data alone.

Gmail is set to get an update in the coming months, which includes a new “Confidential Mode”. With this feature, users can control whether or not the recipient can forward, copy, download or print an email. While this may seem like a great privacy feature, it can’t protect from people taking screenshots of an email, or from Google collecting data from the email. The biggest problem with this feature is that users may perceive that their email communication will be completely private if they use it. This isn’t the case, similar to how Chrome’s Incognito Mode appears to offer privacy but doesn’t truly protect user privacy.

Google Chrome

If you use Google Chrome as your browser, Google as your search engine, and Gmail for your email, you are giving Google access to your information from all those services. It’s convenient to be able to login to all of these with the same account, but it makes your data trail much more complete and valuable to Google. It can use your browser to link your searches and your browsing behavior to your email account and your computer.


Facebook’s privacy issues are common knowledge. The social network has made headlines multiple times in the past few years for blatant privacy violations.

In 2006, Facebook upset its users by sharing personal information in its newly added News Feed. A year later, information about users’ purchases started popping up in News Feeds. Zuckerberg explained his thought process behind the feature, and gave users the ability to opt out.

This has been a common thread throughout Facebook’s history. It adds new features with little regard for privacy, and then if it causes outcry, allow users to opt out. The FTC has gotten involved multiple times. In 2011, Facebook settled privacy charges from the FTC by agreeing to undergo an independent privacy evaluation every other year for 20 years.

Concerns about the exact issues of the Cambridge Analytica scandal came up in the original FTC investigation in 2011. The FTC was concerned that Facebook was giving more information to third-parties than it disclosed. Ever since, Facebook has kept its reactive approach to privacy — one that puts its own interests ahead of users’.

Facebook Fails to React to User Feedback

Following the Cambridge Analytica scandal, user trust in Facebook fell substantially. The trust was beginning to recover but Zuckerberg’s testimony to Senate failed to answer users’ concerns.

Whenever Facebook faces criticism for it’s poor privacy practices, it responds with generic and insincere statements and then fails to change. Every time a story comes out about Facebook failing to protect its users, people get more nervous about using the service. According to the Electronic Frontier Foundation, Facebook’s privacy policy has continuously changed to allow the company to collect more information, not less.

Since the Cambridge Analytica scandal Facebook has added additional privacy features. In the past, though, Facebook has included privacy settings that don’t do anything. There is so little transparency into the workings of Facebook, that added features don’t solve the company’s trust and privacy issues.


Six months ago this story made Reddit users upset. It revealed that Reddit had re-enabled tracking its users, and it did so very discretely. Not only was Reddit tracking its users’ data, it was sharing that info with third-parties.

By default Reddit has tracking enabled for personalization and advertising purposes. We’ve discussed this before, but it’s in the user’s best interest to have these settings disabled. People aren’t likely to opt-out of tracking like this if they aren’t aware of the default settings.


Reddit’s Privacy Policy on How Reddit Uses Information About You

[Reddit] uses information about you to:

  • Provide, maintain, and improve the Services;
  • Help protect the safety of Reddit and our users, which includes blocking suspected spammers, addressing abuse, and enforcing the Reddit user agreement;
  • Send you technical notices, updates, security alerts, invoices and other support and administrative messages;
  • Provide customer service;
  • Communicate with you about products, services, offers, promotions, and events, and provide other news and information we think will be of interest to you (for information about how to opt out of these communications, see “Your Choices” below);
  • Monitor and analyze trends, usage, and activities in connection with our Services; and
  • Personalize the Services and provide advertisements, content and features that match user profiles or interests. (for information about how to manage the types of advertisements you experience on our Services, see “Your Choices” below).

Reddit’s Privacy Policy explains that it doesn’t take any response to “Do Not Track”, if you have it enabled in your browser. So Reddit will track you despite your request for it not to. If someone is under the impression that websites are not tracking them because they use “Do Not Track”, websites should honor this.


Amazon like the other companies on this list, uses your data to improve its products and services (make them more profitable). While most people think of Amazon as an e-commerce giant, the company actually reaches deeper and wider audiences with its Web Services, a cloud computing platform.

Even if Amazon uses the most advanced and secure cryptography to protect user data, the fact that they store and control it is concerning. If a someone sues Amazon, they could subpoena all the data on their servers.

The data on Amazon’s servers could be accidentally leaked or handed over to a third-party in court. This places the responsibility to protect user data on the users themselves. Users should encrypt their stored data to ensure that anyone who accesses it cannot use it.

Using Amazon Web Services Safely

Companies using AWS should consider if its use of the service fits within their security commitments. Many of the regulations that apply to cloud computing were written prior to the platforms widespread use, so you may need to seek legal consultation to fully understand them. Cloud computing may work for storing some information, but more sensitive information needs to be stored elsewhere.

Online Shopping Privacy Concerns

Amazon uses your past shopping and buying behavior to give you recommendations for new products and services. So where does Amazon get your information? It gathers data from things like your user profile, your browsing on the site, what you search for, your past purchases, items you’ve reviewed and music or videos you’ve streamed.

Amazon Smart Devices

In addition to your online shopping behavior, Amazon collects data from its smart devices, like Echo and home security cameras. Smart speakers like Echo offer convenience at the expense of privacy. We believe that it’s a misconception that products and services that offer great convenience can’t be private.

Katie Moussouris, founder of Luta Security said

“Society is being steered right now by companies that see better ways to target ads or drive profit.”

Amazon sold over 20 million Alexa devices in 2017, and will only continue growing throughout 2018. This move into people’s homes gives Amazon more control over your data, and more ways to collect it. When Amazon combines this data with the information it already has about you, it creates a machine capable of heavily influencing consumer purchasing behavior.

Source: SPS Commerce

Because Amazon knows so much about consumer behavior, down to a single person, it can tailor its product specifically to influence you to buy, and probably predict what you will buy and when.

Privacy Matters, Especially on These Websites

Google, YouTube, Facebook, Reddit and Amazon see a combined ~108 billion monthly visitors. Because these are some of the most visited websites in the world, they have the largest amounts of user data. Their decisions to prioritize data privacy will shift the culture for the entire internet.

People aren’t aware of the extent of these websites’ tracking. Facebook tracks users on a large percentage of the world’s most visited websites through “Share” or “Follow” buttons. This needs to change because people have an expectation of privacy. If people are reading the news at or, they generally don’t think they are being tracked by Facebook.

Small websites with less traffic can make sure they protect their visitors’ data as much as possible, but this won’t fix the internet’s bigger privacy problem. Big social networks and internet companies will continue collecting uncomfortable amounts of information until they change themselves or change due to regulation.

Privacy Threats Have Real Life Consequences

It’s not just advertisers who are collecting your information and using it to influence you. Other information that you may even share willingly has let people track down complete strangers. According to the Pew Internet & American Life Project, 36 percent of internet users have sought online support for health, family and mental health issues, and 24 percent of those have signed in with their real name and e-mail address. One of the biggest issues with this is opening yourself up to phishing attacks.

If someone is has access to a specific problem of yours and your contact email, they could easily use that information to contact you with a “fake” solution or some way to coax you into sharing more information.

The most horrific stories about the importance of privacy involve someone using information found online to track someone down and stalk them, harass them, or even harm them. While these are rare cases, it’s still an important reminder that you should take your privacy seriously and be careful what you share.